How to evolve Threat Modeling to be more effective, efficient and provide value for the Business? Read through this post, and you’ll know!Continue Reading...
Some of the most famous Threat Modeling practicians have joined forces to publish the Threat Modeling Manifesto.
The article analyzes this document and provides additional considerations and ideas.
I am happy to announce that this week I will participate to a panel discussion with Abel Wang, Principal Cloud Advocate and DevOps Lead at Microsoft, and Juan Alvarez, Application Architect Senior Manager at Accenture, on the Security in DevOps, entitled “DevSecOps: Shedding Light on Its Present and Future” and part of a 2 hrs virtual conference organized by WhiteSource.
The link to register is https://lnkd.in/eJtBSUk.
I am happy to announce that tomorrow I will participate to a Webinar with Spencer Koch and Altaz Valani on how Security could and should the play the role of a business enabler for the value stream.
To register for the webinar, please use the following link: https://bit.ly/3pgUfyR.
Are you curious to learn how you can make an impact, with limited resources? With a vision and the right tools, of course!
To learn more, please read an article I recently prepared for PostSharp’s blog: https://blog.postsharp.net/post/how-to-revolutionize-security.html.
Yes, dear reader, I have been guilty of not informing you. Things are going so fast nowadays, I still feel a little dizzy.
First of all, I have to report two webcasts I participated to:
- The first one has been “Maintain Software Security During Code Changes”, with John Martin, Lofti Ben-Othame & Altaz Valani. You can find the recording from https://resources.securitycompass.com/webinars/maintain-software-security-during-code-changes.
- The next one has been on “The Importance of Threat Modeling”, for Xellentro and DevOps India Summit. You can find it in https://t.co/SUIunoSibX.
- The third webinar has been with Altaz Valani, Christopher Schmitz, Sebastian Pape and Hasan Yasar, on “Research Perspectives on Lightweight Security Risk Assessments”. It can be found in https://resources.securitycompass.com/webinars/cyber-security-risk-assessments.
And finally, the last webinar, which is yet to come. It is a presentation on “The Need of Threat Modeling in a DevSecOps World”, and is part of the DevSecOps days, organized by the Software Engineering Institute of the Carnegie Mellon University. To see the full program and register, you can go to https://www.devsecopsdays.com/2020-devsecops-days-washington-dc.
What is the need of Threat Modeling, when we have SAST, DAST, SCA and PenTests? No need, or all the need in the world. The question may seem odd at first, but it has a lot of merits. Read through this post to learn more.Continue Reading...